Under some circumstances the following error message may be filling up /var/log/secure
<Date> <machine_name> <user_name>[pid]: UNAB uxauthd reply status is not OK but <negative_random_number>
Dec 2 14:38:38 mymachine myuser: UNAB uxauthd reply status is not OK but -1372721968
However, the user is able to authenticate normally using UNAB.
At the same time, if UNAB is set to debug, following messages are present in the agent_debug file if UNAB is set to debug
<date>.<hour> T<number> R 1: HandleUserOnLine: Check user '<user>' failed, error = 1065
20221202143838.136005 T2445978496 R 1: HandleUserOnLine: Check user 'myuser' failed, error = 1065
Note that these messages appear only if the user attempting to access is local on the machine and not on Active Directory, and that the user accesses regularly anyway.
This happens only if the user trying to authenticate to a machine where UNAB is running is local, so it has no UNIX attributes in AD, or in case it exists in AD, it is filtered from UNAB via a filter like user_custom_filter = !(uidNumber=<uid_of_user>)
UNAB v18.104.22.168 and earlier versions
Error code 1065 means that UNAB is unable to retrieve attributes from active directory regarding the user that one is trying to log in as.
It makes sense as whether the user is local and has no attributes in AD, or it is filtered from UNAB, the product will not be able to verify its attributes in AD
As far as error reply status is not OK but <negative_random_number> this is purely an informative message which is caused by module pam_uxauth and it bears little or no value in terms of troubleshooting. Message is harmless and later versions of UNAB have disabled it
This is corrected in UNAB v22.214.171.124 and later.
Messages in /var/log/secure will only appear when the debug level is set to lower or medium
Please install recommended build or a later one